use of org.springframework.security.oauth.provider.verifier.OAuthVerifierServices in project spring-security-oauth by spring-projects.
the class OAuthUserAuthorizationProcessingFilterTests method testAttemptAuthentication.
/**
* tests the attempt to authenticate.
*/
@Test
public void testAttemptAuthentication() throws Exception {
UserAuthorizationProcessingFilter filter = new UserAuthorizationProcessingFilter("/");
OAuthVerifierServices vs = mock(OAuthVerifierServices.class);
filter.setVerifierServices(vs);
HttpServletRequest request = mock(HttpServletRequest.class);
HttpServletResponse response = mock(HttpServletResponse.class);
Authentication authentication = mock(Authentication.class);
OAuthProviderTokenServices tokenServices = mock(OAuthProviderTokenServices.class);
filter.setTokenServices(tokenServices);
SecurityContextHolder.getContext().setAuthentication(authentication);
when(request.getParameter("requestToken")).thenReturn("tok");
OAuthProviderTokenImpl token = new OAuthProviderTokenImpl();
token.setCallbackUrl("callback");
when(tokenServices.getToken("tok")).thenReturn(token);
when(authentication.isAuthenticated()).thenReturn(false);
try {
filter.attemptAuthentication(request, response);
fail();
} catch (InsufficientAuthenticationException e) {
}
verify(request).setAttribute(UserAuthorizationProcessingFilter.CALLBACK_ATTRIBUTE, "callback");
reset(request);
when(authentication.isAuthenticated()).thenReturn(true);
when(request.getParameter("requestToken")).thenReturn("tok");
when(tokenServices.getToken("tok")).thenReturn(token);
when(vs.createVerifier()).thenReturn("verifier");
tokenServices.authorizeRequestToken("tok", "verifier", authentication);
filter.setTokenServices(tokenServices);
filter.attemptAuthentication(request, response);
verify(request).setAttribute(UserAuthorizationProcessingFilter.CALLBACK_ATTRIBUTE, "callback");
verify(request).setAttribute(UserAuthorizationProcessingFilter.VERIFIER_ATTRIBUTE, "verifier");
SecurityContextHolder.getContext().setAuthentication(null);
}
Aggregations